WHAT IS CLAIMED IS: 



1 1 . A method of verifying whether a specified computer program satisfies a predefined 

2 set of conditions, comprising: 

3 converting the program into a logical equation representing the predefined set of 

4 conditions as applied to instructions and elements of the instructions of the program, the 

5 converting step including inserting flow control labels into the sub-equations of the logical 

6 equation, the flow control labels identifying conditional branch points in the specified 

7 computer program; 

8 applying a theorem prover to the logical equation to determine the truth of the logical 

9 equation, and when the truth of the logical equation cannot be proved, generating at least one 

10 counter-example identifying one of the conditions, one or more variable values inconsistent 

1 1 with the one condition, and any of the flow control labels for conditional branch points of the 

12 program associated with the identified variable values; and 

13 converting the at least one counter-example into an error message that includes a 

14 program trace when the counter-example identifies one or more of the flow control labels. 

1 2. The method of claim 1 wherein the converting step additionally comprises a step of 

2 converting the program into an intermediate language form prior to creating the logical 

3 equation, 

1 3. The method of claim 2 wherein the flow control labels are inserted before converting 

2 the program into the intermediate language form. 

1 4. The method of claim 2 wherein the flow control labels are inserted after converting 

2 the program into the intermediate language form. 

1 5. The method of claim 2 wherein the intermediate language form is Dijkstra's guarded 

2 command language. 

1 6. The method of claim 1 wherein at least one of the flow control labels includes a flow 

2 control label name that includes a string that identifies a type of branch in the program and a 

3 line number in the specified computer program. 
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1 7. The method of claim 1 wherein at least one of the flow control labels includes a flow 

2 control label name that includes a value associated with an entry in a table that identifies a 

3 type of branch in the program and a line number in the specified computer program. 

1 8, The method of claim 1 wherein at least one of the flow control labels is of the form 

2 L => P wherein L is a flow control label name and P is a subcomponent of the logical 

3 equation. 

1 9. The method of claim 8 wherein the flow control label name comprises a string that 

2 identifies a type of branch in the program and a line number ia the specified computer 

3 program. 

1 10. The method of claim 8 wherein the flow control label name includes a value 

2 associated with an entry in a table that identifies a type of branch in the program and a line 

3 number in the specified computer program. 

1 11. The method of claim 1 wherein at least one of the flow control labels is of the form 

2 L=k => P wherein L is a flow control label name, k is a constant value and P is a 

3 subcomponent of the logical equation. 

1 12. The method of claim 1 1 wherein the flow control label name comprises a string that 

2 identifies a type of branch in the program and a line number in the specified computer 

3 program. 

1 13. The method of claim 1 1 wherein the flow control label name includes a value 

2 associated with an entry in a table that identifies a type of branch in the program and a line 

3 number in the specified computer program. 

1 14. The method of claim 1 wherein at least one of the flow control labels is of the form 

2 {LBLPOS L P} wherein L is a flow control label name and P is a subcomponent of the 

3 logical equation. 
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1 15. The method of claim 14 wherein the flow control label name comprises a string that 

2 identifies a type of branch in the program and a line number in the specified computer 

3 program. 

1 16, The method of claim 14 wherein the flow control label name includes a value 

2 associated with an entry in a table that identifies a type of branch in the program and a line 

3 number in the specified computer program, 

1 17. The method of claim 1 wherein at least one of the flow control labels is of the form 

2 ^{LBLNEG L "'P} wherein L is a flow control label name and P is a subcomponent of the 

3 logical equation. 

1 18. The method of claim 17 wherein the flow control label name comprises a string that 

2 identifies a type of branch in the program and a line number in the specified computer 

3 program. 

1 19. The method of claim 17 wherein the flow control label name includes a value 

2 associated with an entry in a table that identifies a type of branch in the program and a line 

3 number in the specified computer program. 

1 20. The method of claim 1 wherein at least one of the flow control labels is of the form 

2 {LBLPOS L True} => P wherein L is a flow control label name and P is a subcomponent of 

3 the logical equation. 

1 21 . The method of claim 20 wherein the flow control label name comprises a string that 

2 identifies a type of branch in the program and a line number in the specified computer 

3 program. 

1 22. The method of claim 1 wherein the flow control label name identifies a line number in 

2 the specified computer program at which an associated program instruction is located and 

3 includes a sequence number indicating an order of execution of the program instruction at the 

4 identified line number relative to other program instructions identified by other flow control 

5 labels. 
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1 23 . A computer program product for use in conjunction with a computer system, the 

2 computer program product comprising a computer readable storage medium and a computer 

3 program mechanism embedded therein, the computer program mechanism comprising: 

4 a verification condition generator that converts a specified program into a logical 

5 equation representing the predefined set of conditions as applied to instructions and elements 

6 of the instructions of the program, the verification condition generator including instructions 

7 that insert flow control labels into the sub-equations of the logical equation, the flow control 

8 labels identifying conditional branch points in the specified computer program; 

9 a theorem prover that processes the logical equation to determine the truth of the 

10 logical equation, and when the truth of the logical equation cannot be proved, generates at 

1 1 least one counter-example identifying one of the conditions, one or more variable values 

12 inconsistent with the one condition, and any of the flow control labels for conditional branch 

1 3 points of the program associated with the identified variable values; and 

14 a post processing module that converts the at least one counter-example into an error 

1 5 message that includes a program trace when the counter-example identifies one or more of 

1 6 the flow control labels. 

1 24. The computer program product of claim 23 wherein the verification condition 

2 generator includes instructions for converting the program into an intermediate language form 

3 prior to creating the logical equation, 

1 25 . The computer program product of claim 24 wherein the verification condition 

2 generator includes instructions for inserting the flow control labels before converting the 

3 program into the intermediate language form. 

1 26, The computer program product of claim 24 wherein the verification condition 

2 generator includes instructions for inserting the flow control labels after converting the 

3 program into the intermediate language form. 

1 27. The computer program product of claim 24 wherein the intermediate language form is 

2 Dijkstra's guarded command language. 
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1 28. The computer program product of claim 23 wherein at least one of the flow control 

2 labels includes a flow control label name that includes a string that identifies a type of branch 

3 in the program and a Une number in the specified computer program. 

1 29. The computer program product of claim 23 wherein at least one of the flow control 

2 labels includes a flow control label name that includes a value associated with an entry in a 

3 table that identifies a type of branch in the program and a Une number in the specified 

4 computer program, 

1 30. The computer program product of claim 23 wherein at least one of the flow control 

2 labels is of the form L => P wherein L is a flow control label name and P is a subcomponent 

3 of the logical equation. 

1 31. The computer program product of claim 30 wherein the flow control label name 

2 comprises a string that identifies a type of branch in the program and a line number in the 

3 specified computer program. 

1 32. The computer program product of claim 30 wherein the flow control label name 

2 includes a value associated with an entry in a table that identifies a type of branch in the 

3 program and a line number in the specified computer program. 

1 33 . The computer program product of claim 23 wherein at least one of the flow control 

2 labels is of the form L=k => P wherein L is a flow control label name, k is a constant value 

3 and P is a subcomponent of the logical equation. 

1 34. The computer program product of claim 23 wherein the flow control label name 

2 comprises a string that identifies a type of branch in the program and a line number in the 

3 specified computer program. 

1 35. The computer program product of claim 23 wherein the flow control label name 

2 includes a value associated with an entry in a table that identifies a type of branch in the 

3 program and a Une number in the specified computer program. 
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1 36. The computer program product of claim 23 wherein at least one of the flow control 

2 labels is of the form {LBLPOS L P} wherein L is a flow control label name and P is a 

3 subcomponent of the logical equation. 

1 37. The computer program product of claim 36 wherein the flow control label name 

2 comprises a string that identifies a type of branch in the program and a line number in the 

3 specified computer program. 

1 38. The computer program product of claim 36 wherein the flow control label name 

2 includes a value associated with an entry in a table that identifies a type of branch in the 

3 program and a line number in the specified computer program. 

1 39. The computer program product of claim 23 wherein at least one of the flow control 

2 labels is of the form -^{LBLNEG L --P} wherein L is a flow control label name and P is a 

3 subcomponent of the logical equation. 

1 40. The computer program product of claim 39 wherein the flow control label name 

2 comprises a string that identifies a type of branch in the program and a line number in the 

3 specified computer program. 

1 41 . The computer program product of claim 39 wherein the flow control label name 

2 includes a value associated with an entry in a table that identifies a type of branch in the 

3 program and a line number in the specified computer program. 

1 42. The computer program product of claim 23 wherein at least one of the flow control 

2 labels is of the form {LBLPOS L True} => P wherein L is a flow control label name and P 

3 is a subcomponent of the logical equation. 

1 43. The computer program product of claim 42 wherein the flow control label name 

2 comprises a string that identifies a type of branch in the program and a line number in the 

3 specified computer program. 
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1 44. The computer program product of claim 42 wherein the flow control label name 

2 includes a value associated with an entry in a table that identifies a type of branch in the 

3 specified computer program and a line number in the specified computer program. 

1 45 . The computer program product of claim 23 wherein the flow control label name 

2 identifies a line number in the specified computer program at which an associated program 

3 instruction is located and includes a sequence number indicating an order of execution of the 

4 program instruction at the identified line number relative to other program instructions 

5 identified by other flow control labels. 

1 46. The method of claim 20 wherein the flow control label name includes a value 

2 associated with an entry in a table that identifies a type of branch in the specified computer 

3 program and a line number in the specified computer program. 
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